Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-11-08 15:05:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

check privs on getRecentReplies and getRecentTopicReplies

Browse Source
This commit is contained in:
barisusakli
2014-11-14 16:20:36 -05:00
parent c7ca2e2573
commit 6a3a3669d2
2 changed files with 30 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

55
src/categories/recentreplies.js
View File

@@ -7,20 +7,23 @@ var async = require('async'),
db = require('../database'),
posts = require('../posts'),
topics = require('../topics');
topics = require('../topics'),
privileges = require('../privileges');
module.exports = function(Categories) {
Categories.getRecentReplies = function(cid, uid, count, callback) {
if (!parseInt(count, 10)) {
return callback(null, []);
}
db.getSortedSetRevRange('cid:' + cid + ':pids', 0, count - 1, function(err, pids) {
if (err || !pids || !pids.length) {
privileges.categories.can('read', cid, uid, function(err, canRead) {
if (err || !canRead || !parseInt(count, 10)) {
return callback(err, []);
}
posts.getPostSummaryByPids(pids, uid, {stripTags: true}, callback);
db.getSortedSetRevRange('cid:' + cid + ':pids', 0, count - 1, function(err, pids) {
if (err || !Array.isArray(pids) || !pids.length) {
return callback(err, []);
}
posts.getPostSummaryByPids(pids, uid, {stripTags: true}, callback);
});
});
};
@@ -28,29 +31,29 @@ module.exports = function(Categories) {
if (!Array.isArray(categoryData) || !categoryData.length) {
return callback(null, []);
}
async.map(categoryData, getRecentTopicPids, function(err, results) {
if (err) {
return callback(err);
}
var pids = _.flatten(results);
pids = pids.filter(function(pid, index, array) {
return !!pid && array.indexOf(pid) === index;
});
posts.getPostSummaryByPids(pids, uid, {stripTags: true}, function(err, posts) {
if (err) {
return callback(err);
}
async.waterfall([
function(next) {
async.map(categoryData, getRecentTopicPids, next);
},
function(results, next) {
var pids = _.flatten(results);
pids = pids.filter(function(pid, index, array) {
return !!pid && array.indexOf(pid) === index;
});
privileges.posts.filter('read', pids, uid, next);
},
function(pids, next) {
posts.getPostSummaryByPids(pids, uid, {stripTags: true}, next);
},
function(posts, next) {
categoryData.forEach(function(category) {
assignPostsToCategory(category, posts);
});
callback();
});
});
next();
}
], callback);
};
function assignPostsToCategory(category, posts) {

12
src/socket.io/categories.js
View File

@@ -11,17 +11,7 @@ var async = require('async'),
SocketCategories = {};
SocketCategories.getRecentReplies = function(socket, cid, callback) {
privileges.categories.can('read', cid, socket.uid, function(err, canRead) {
if (err) {
return callback(err);
}
if (!canRead) {
return callback(null, []);
}
categories.getRecentReplies(cid, socket.uid, 4, callback);
});
categories.getRecentReplies(cid, socket.uid, 4, callback);
};
SocketCategories.get = function(socket, data, callback) {